- Welcome to challenge 1 in the Track the Hacker Series, a multi-step challenge. You are simulating an attack path as the hacker to take over GlitterCo!
- For this challenge,
d34thdumped some data onto GhostTown in a thread about Dark Web Dumps. Use this information to track down the person’s username and password that he left out on the public web! This will require a bit of social media and other websites to track these credentials down, think you can hack it? - Submit the flag as
flag{username:password}(case sensitive).
- search for
deadface GhostTown - go to this website → https://ghosttown.deadface.io/ and search for → Dark Web Dumps
- let’s check the chat between them
- it’s
d34thand have some dumped files in google drive link - open the google drive link → https://drive.google.com/drive/folders/1tVdSeNgvGCLjhS-nbjhI0-uL3HAtacVY?usp=drive_link
- let’s open the first PDF
- let’s search for this username →
OpticSeltzer69 - ill use sherlock
- I opened all of them non have important information → but twitter one have
- open his twitter account → https://twitter.com/OpticSeltzer69
- search in his twitter account and find just this GitHub post
- going to his Github →
Embed GitHub - going to his repositories
- this is suspicious → going back to the google drive link the last 2 PDF have things related to
Glitterco - going to
BrownGlitterpage on GitHub →Embed GitHub - for me ill directly history of repos
- checking one by one
- opening → Embed GitHub
- username :
jakeg - password :
MakeitChocolateRain flag{jakeg:MakeitChocolateRain}
